Re: changing framebuffer device owner during login
On Sat, Jun 16, 2001 at 08:24:23PM +0200, Wichert Akkerman wrote:
> Previously Jochen Voss wrote:
> > 1) "pam_console" seems not to be packed for debian. Maybe it is
> > RedHat specific? Is there any way to change the owner of den
> > frambuffer devices for console logins, using our current PAM
> > implementation? And, if possible, shouldn't this be done by default?
>
> It is RedHat specific, and it is also a security problem as long as
> the kernel does not implement the revoke systemcall.
Which one is the security problem? The pam_console module,
or changing the owner of /dev/fb0? And what is the
revoke system call supposed to do?
> > 2) A group "video" does exist in my "/etc/group" file,
> > but the framebuffer device permissions are
> >
> > crw--w--w- 1 root tty 29, 0 May 5 2000 /dev/fb0
> >
> > Maybe this should be mode "660" and group "video"?
> No, group video is for video-capture devices.
Where can I learn about this?
So my problem remains: how can I setup my system to
use the framebuffer console device as an ordinary user?
Is this possible at all?
Jochen
--
Omm
(0)-(0)
http://www.mathematik.uni-kl.de/~wwwstoch/voss/privat.html
Reply to: